Hi :) I just got the same error when using MSAL.js
We had a web app (SPA) used as an Iframe two places but only one of the places throw back the error above - which was strange I though.
I then tried to make the auth code flow without MSAL as a fix, but still auth didn't work!? :O
The issue was that I was using the browser's default digest function
window.crypto.subtle was undefined.
I later figured out that
window.crypto.subtle.digest is only provided in a "secure context" (https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest).
Even though we used https the object was undefined. So I suspect MSAL to also using
window.crypto.subtle.digest (because it is a browser default feature) and is why it didn't work.
As a fix I did the auth code flow manually but used this module for creating the digest: js-sha256